Atmel and Arduino Announce Wi-Fi Shield 101 at World Maker Faire

Atmel and Arduino teamed up at World Maker Faire to introduce the Wi-Fi shield 101. [Gary] from Atmel gave us the lowdown on this new shield and its components. The shield is a rather spartan affair, carrying only devices of note: an Atmel WINC1500 WiFi module, and an ATECC108 crypto chip.

The WINC1500 is a nifty little WiFi module in its own right. WINC handles IEEE 802.11 b/g/n at up to 72 Mbps. 72Mbps may not sound like much by today’s standards, but it’s plenty fast for most embedded applications. WINC handles all the heavy lifting of the wireless connection. Connectivity is through SPI, UART or I2C, though on the Arduino shield it will be running in SPI mode.

The ATECC108 is a member of Atmel’s “CryptoAuthentication” family. It comes packaged in an 8-pin SOIC, and is compatible with serial I2C EEPROM specifications. Internally the similarities to serial EEPROMs end. The ‘108 has a 256-bit SHA engine in hardware, as well as a Federal Information Processing Standards (FIPS) level random number generator. Atmel sees this chip as being at the core of secure embedded systems. We think it’s pretty darn good, so long as we don’t hear about it at the next DEFCON.

The Wi-Fi shield 101 and associated libraries should be out in January 2015. We can’t wait to see all the new projects (and new ways to blink an LED) the shield will enable.

3D Printing of Parameterized Speaker Enclosures


Despite what you would gather from looking at a mess of wires, carpet, and MDF in the back of a Honda Civic hatchback, building speaker enclosures is a pretty complex business. To get the right frequency response, you’ll need to take into account the driver’s resonant frequency, the volume of any internal components, and how well the speaker works when it reaches the resonant frequency. Heady stuff, but when [Rich] at NothingLabs started 3D printing his own speaker enclosures, he realized he could calculate an ideal enclosure automatically. Ah, the joys of OpenSCAD.

[Rich] wrote a bit of OpenSCAD and put it up on the Thingiverse Customizer, allowing anyone to manually enter a box volume, height and width ratio, size for a speaker hole, and even bass ports.

There are a few really cool features for this way of constructing speaker enclosures; assembly is a snap, and it’s most likely air tight right out of the printer. [Rich] printed an enclosure for a 3″ driver that has a frequency response down to 66Hz – an extremely impressive piece of work. Video below.

[Read more...]

Finding a Shell in a Bose SoundTouch

BOSE Bose, every salesperson’s favorite stereo manufacturer, has a line of WiFi connected systems available. It’s an impressively innovative product, able to connect to Internet Radio, Pandora, music libraries stored elsewhere on the network. A really great idea, and since this connects to a bunch of web services, you just know there’s a Linux shell in there somewhere. [Michael] found it.

The SoundTouch is actually rather easy to get into. The only real work to be done is connecting to port 17000, turning remote services on, and then connecting with telnet. The username is root.

The telnet service on port 17000 is actually pretty interesting, and we’re guessing this is what the SoundTouch iOS app uses for all its wizardry. [Michael] put a listing of the ‘help’ command up on pastebin, and it looks like there are commands for toggling GPIOs, futzing around with Pandora, and references to a Bluetooth module.

Interestingly, when [Michael] first suspected there could be Linux inside this box, he contacted Bose support for any information. He figured out how to get in on his own, before Bose emailed him back saying the information is proprietary in nature.

Multi Input IR Remote Control Repeater


[Peter]‘s folks’ cable company is terrible – such a surprise for a cable TV provider – and the digital part of their cable subscription will only work with the company’s cable boxes. The cable company only rents the boxes with no option to buy them, and [Peter]‘s folks would need five of them for all the TVs in the house, even though they would only ever use two at the same time. Not wanting to waste money, [Peter] used coax splitters can take care of sending the output of one cable box to multiple TVs, but what about the remotes? For that, he developed an IR remote control multidrop extender. With a few small boards, he can run a receiver to any room in the house and send that back to a cable box, giving every TV in the house digital cable while still only renting a single cable box.

The receiver module uses the same type of IR module found in the cable box to decode the signals from the remote. With a few MOSFETs, this signal is fed over a three-position screw terminal to the transmitter module stationed right next to the cable box. This module uses a PIC12F microcontroller to take the signal input and translate it back into infrared.

[Peter]‘s system can be set up as a single receiver, and single transmitter, single receiver and multiple transmitter, many receivers to multiple transmitters, or just about any configuration you could imagine. The setup does require running a few wires through the walls of the house, but even that is much easier than whipping out the checkbook every month for the cable company.

Video below.

[Read more...]

Internet of Things Refrigerator Alarm

fridge alarm

For anyone who gets a late-night craving for anything out of the refrigerator and needs some help in the willpower department, [Claudio] may have the project for you. He has just finished work on a project that sends out an alarm when the refrigerator door opens, alerting others that you’re on the prowl for munchies.

The device uses a light sensor connected to an OpenPicus IoT kit that contains a FlyportPRO Wi-Fi module. When the refrigerator door is opened, the device sends out an email message via a web server, which can be sent to whomever you choose. All of the project’s code and instructions are available on the project site as well.

The project is pretty clever in that no actual interfacing with the refrigerator is required, beyond running a power cable through the seal of the door (although [Claudio] notes that the device will run on a lithium battery as an option). The web server itself can be set up to send out alarms during any timeframe as well, allowing a user to customize his or her nighttime snacking window. If you’re looking for a less subtle approach, we’d recommend the fridge speakers with a volume setting of 11.

Mining Bitcoins with Pencil and Paper


Right now there are thousands of computers connected to the Internet, dutifully calculating SHA-256 hashes and sending their results to other peers on the Bitcoin network. There’s a tremendous amount of computing power in this network, but [Ken] is doing it with a pencil and paper. Doing the math by hand isn’t exactly hard, but it does take an extraordinary amount of time; [Ken] can calculate about two-thirds of a hash per day.

The SHA-256 hash function used for Bitcoin isn’t really that hard to work out by hand. The problem, though, is that it takes a 64 byte value, sends it through an algorithm, and repeats that sixty-four times. There are a few 32-bit additions, but the rest of the work is just choosing the majority value in a set of three bits, rotating bits, and performing a mod 2.

Completing one round of a SHA-256 hash took [Ken] sixteen minutes and forty-five seconds. There are sixty-four steps in calculating the hash, this means a single hash would take about 18 hours to complete. Since Bitcoin uses a double SHA-256 algorithm, doing the calculations on a complete bitcoin block and submitting them to the network manually would take the better part of two days. If you’re only doing this as your daily 9-5, this is an entire weeks worth of work.

Just for fun, [Ken] tried to figure out how energy-efficient the bitcoin mining rig stored in his skull is. He can’t live on electricity, but donuts are a cheap source of calories, at about $0.23 per 200 kcalories. Assuming a metabolic rate of 1500 kcal/day, this means his energy cost is about 67 quadrillion times that of an ASIC miner.

Video below.

[Read more...]

Very Dumb Security For a WiFi Thermostat

elliot We have finally figured out what the Internet of Things actually is. It turns out, it’s just connecting a relay to the Internet. Not a bad idea if you’re building a smart, Internet-connected thermostat, but you have no idea how bad the security can be for some of these devices. The Heatmiser WiFi thermostat is probably the worst of the current round of smart home devices, allowing anyone with even a tiny amount of skill to control one of these thermostats over the Internet.

The Heatmiser is a fairly standard thermostat, able to connect to an 802.11b network and controllable through iOS, Android, and browser apps. Setting this up on your home network requires you to forward port 80 (for browser access) and port 8068 (for iOS/Android access). A username, password, and PIN is required to change the settings on the device, but the default credentials of user: admin, password: admin, and PIN: 1234 are allowed. If you’re on the same network as one of these devices, these credentials can be seen by looking at the source of the webpage hosted on the thermostat.

if you connect to this thermostat with a browser, you’re vulnerable to cross-site request forgery. If you use the Android or iOS apps to access the device with the custom protocol on port 8068, things are even worse: there is no rate limiting for the PIN, and with only four digits and no username required, it’s possible to unlock this thermostat by trying all 10,000 possible PINs in about an hour.

There are about a half-dozen more ways to bypass the security on the Heatmiser thermostat, but the most damning is the fact there is no way to update the firmware without renting a programmer from Heatmiser and taking the device apart. Combine this fact with the huge amount security holes, and you have tens of thousands of installed devices that will remain unpatched. Absolutely astonishing, but a great example of how not to build an Internet connected device.


Get every new post delivered to your Inbox.

Join 94,461 other followers